On Malware Attribution And Fallacy of Methodological Nationalism

“Who did it?” is a fairly common question to hear as soon as things calm down and there is time to think again. Hasty conclusions would only lead to massive collateral damage, yet sometimes the urgency to punish and restore order is so pressing, that even the most calm and wise sovereigns just start to shoot in the forest, thinking that the bad guy must be there somewhere.

Attribution in cyberspace is a hot topic today. Hackers are arrested, some are hiding in embassies or exiling abroad. Law and enforcemet officers from the lowest street patrols all the way to mafia and petty crime are all exited and horny about the new capabilities and visibiliy that the mythic cyber space will bring to their operations. Protective walls of territorially limited sovereignty came crushing down, as five angry eyes woke up on the top of the global Foucaultian Tower.

Legacy Concepts Won´t Scale Up

World has been struggling on with the difficult dipole of local and global. Fascinating global presence, universalism, has been feed up with Enlightenment to Reason and Knowledge. Horrors of the world wars not too long time ago shaped and established a common international consensus and structure of sovereignty based on territorially limited mandate. There was much need for that and good reasons. Nobody wanted or even dared to promote a Single Truth.

The stability of the international level based much on another controversial outcome of the horrific and tragic wars. Deterrent of mutual destruction and rational balance of power. Attribution, jurisdiction, right for punishment and the use of final argument were all territorially limited. Without a global cyberspace, only a regulated international trade and crappy phone lines, territorially limited attribution performed rather well for a long time. Traditional bank robbers as well as corrupted officials, political prisoners and general public largely knew that criminality, attribution, punishment and to much extend also concepts of moralistic notions towards right or wrong were also under the territorially limited mandate – for a good reason.

Cyberspace brings a mythic global mandate, but also global attribution, universal jurisdiction, Single Truth and what is more – lets the Final Argument escape its territorial cages and be used by just about anyone who wish. Attribution in the cyberspace can not avoid facing this issue.

“…we do not attribute attacks to nations. We share evidence with national law enforcement agencies to assist in their pursuit of a wrongdoer.” – William “Bill” Malik in August 16, 2017 at TrendMicro Blog

Private security providers and “investigators”, mercenaries if you like, have taken hold on the Final Argument and mix the characteristics of pimps and dealers. This is the ultimate nature of Cyber War as we have it today. In order to establish a Cyber Peace, a mutually accepted solution to this issue is required.

National Identities and Cyberspace

Easy response spanning from the past is of course to reach out back to the concepts of territory and to empower the old Nation to act as a Super Nation in Cyber Space. But, territory in the cyberspace is more than just 5th domain where old military might can operate like drunken elephants on a foreign soil. Cyber Space will challenge the 3rd dimension of power. It will re-shape identities and eventually, create also borders and checkpoints to establish new limited mandates for authority.

Attribution to malware creation is in the core of this dilemma, as are the questions of access to tools of dominance, also known as malware, spyware and cyber espionage. It is only understandable that some try to reach out back to the history, lean on legacy concepts and institutions. Roll out and deploy military to secure the cyberspace, to promote national interests by terrorizing people globally. An army who has moral and good mind, would just refuse, but some crazy troops just go on and fight – everywhere! Yes, because: we can!

Who did it? Who did shoot JFK? Attribution is much more political and weak concept than many dare to express. Narrow and militant attribution, shoot-them-all policies and tight cut on the causal chain all may provoke more than suppress the ongoing mayhem in the world, in the cyberworld as well as in the real thing.